SWS:lmp P0367 4/11/05 



Patent 



Amendments to the Claims : 

1. (currently amended): A method of regulating access to a website by a user 
terminal via the internet, the user terminal reading a document including an embedded 
digital watermark, said method comprising: th e st e ps of: 

at the user terminal, extracting identifying data from the digital watermark, and 
providing the identifying data to a central computer; 
at the central computer: 

identifying a pointer associated with the identifying data; 

generating at least one component of response information; 

storing the response information; and 

providing the pointer and response information to the user terminal; 
at the user terminal, communicating with the website via the pointer and 
providing the response information to the website; 

at the website, communicating verification information to the central computer; 

and 

at the central computer, verifying authority to access the website based at least in 
part on a comparison of the verification information and the stored response information. 

2. (original): The method according to claim 1, wherein the identifying data 
comprises a document identifier. 

3. (original): The method according to claim 2, wherein the pointer comprises at 
least one of a URL, IP address and web address. 

4. (original): The method according to claim 2, wherein the at least one 
component comprises a random number. 

5. (currently amended): The method according to claim 4, wherein said 
generating step further comprises th e st e p of generating at least a second component, the 
second component comprising a time stamp. 
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6. (original): The method according to claim 2, wherein the response information 
comprises at least the random number and the time stamp. 

7. (original): The method according to claim 6, wherein the verification 
information comprises at least the random number, the time stamp and a valid identifier. 

8. (currently amended): The method according to claim 7, wherein said verifying 
authority step comprises th e st e ps of indexing the stored response information via the 
communicated random number and determining whether the stored document identifier 
matches the valid identifier and whether the verification information is received within a 
predetermined time period. 

9. (currently amended): The method according to claim 8, wherein when the 
stored document identifier matches the valid identifier within the predetermined time 
period, said method further comprising th e st e p of authorizing user terminal access to the 
website. 

10. (currently amended): The method according to claim 8, wherein when the 
stored document identifier does not match the valid identifier or the verification 
information is not received within the predetermined time period, said method further 
comprises th e st e p of signaling a lack of authority for the user terminal to access the 
website. 

1 1 . (currently amended): The method according to claim 7, wherein said 
verifying authority step comprises th e st e ps of indexing the stored response information 
via the valid identifier and determining whether the stored random number matches the 
communicated random number, and whether the verification information is received 
within a predetermined time period. 
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12. (currently amended): The method according to claim 1, further comprising 
th e st e p of encrypting at least one component of the of th e response information. 

13. (original): The method according to claim 2, wherein the document identifier 
is randomly generated. 

14. (currently amended): A method of authenticating permission to access a 
system comprising: th e st e ps of: 

receiving a request to enter the system, the request including at least a verification 

key; 

querying a data structure to determine whether the verification key is authorized; 

and 

allowing access to the system based on the response to the query. 

15. (original): The method according to claim 14, wherein said system comprises 
a website. 

16. (currently amended): The method according to claim 15, wherein said 
receiving step comprises a user terminal signaling the website. 

17. (original): The method according to claim 14, wherein the verification key 
comprises a first random number, and the data structure comprises at least one data 
record including a second random number and a first identifier. 

18. (original): The method according to claim 17, wherein the verification key 
further comprises a first time stamp and the data record further includes a second time 
stamp. 

19. (original): The method according to claim 18, wherein said system 
communicates the first random number and a second identifier to the data structure, and 
wherein said data structure: 
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indexes the data record via the first random number, the first and second random 
numbers being equal, 

determines whether the first identifier matches the second identifier, and whether 
the first time stamp is within a predetermined time range based on the second time stamp, 
and 

signals to the system whether the first identifier matches the second identifier and 
whether the first time stamp is within the predetermined time range. 

20. (original): The method according to claim 17, wherein the first identifier 
comprises an identifier extracted from a digital watermark. 

21 . (currently amended): The method according to claim 17, wherein said 
system communicates the [[a]] second identifier and the first random number to the data 
structure, and wherein said data structure: 

indexes the data record via the second identifier, the first identifier and second 
identifier being equal, 

determines whether the first random number matches the second random number, 

and 

signals to the system whether the first random number matches the second 
random number and whether the verification information is received within a 
predetermined time. 

22. (original): A system for exchanging data comprising: 

a central server comprising at least one database including response information 
and pointer information, wherein when a user terminal communicates an extracted 
watermark identifier to said central server, said central server identifies a corresponding 
URL with the extracted watermark identifier, and wherein said central server generates a 
number, and stores the number and extracted watermark identifier in the database as 
response information. 
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23. (original): The system according to claim 22, wherein said at least one 
database comprises a first database for storing pointers and a second database for storing 
response information. 

24. (original): The system according to claim 22, wherein said server further 
generates a time stamp and stores the time stamp with the response information. 

25. (original): The system according to claim 22, wherein the number comprises 
at least one of a random number, a pseudo-random number, and a predetermined number. 

26. (currently amended): A method of operating a computer server, the computer 
server to communicate with at least one user terminal, said method comprising! th e st e ps 
e£ 

receiving a document identifier from the user terminal; 

identifying a pointer associated with the document identifie r, wherein the pointer 
comprises at least one of a URL. IP address and web address ; 

generating at least one component of response information; 
storing the response information; and 

providing the pointer and response information to the user terminal. 

27. (original): The method according to claim 26, wherein the document 
identifier comprises an identifier embedded in the form of a digital watermark. 

28. canceled. 

29. (original): The method according to claim 27, wherein the at least one 
component comprises a random number. 

30. (original): The method according to claim 29, wherein the response 
information further comprises a time stamp. 
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31. (original): The method according to claim 26, wherein the response 
information comprises at least a random number and a time stamp. 

32. (currently amended): The method according to claim 31, further comprising 
a st e p of verifying data, wherein said verifying data step comprises th e st e ps of indexing 
the stored response information via a second random number, and determining whether 
the stored document identifier matches a valid identifier. 

33. (currently amended): The method according to claim 32, wherein when the 
stored document identifier matches the valid identifier, said method further comprises the 
step-ef authorizing user terminal access. 

34. (currently amended): The method according to claim 32, wherein when the 
stored document identifier does not match a valid identifier, said method further 
comprises th e st e p of signaling a lack of authority for the user terminal. 

35. (currently amended): The method according to claim 31, wherein said 
verifying data step comprises th e st e ps of indexing the stored response information via a 
valid identifier and determining whether the stored random number matches a second 
random number. 

36. (currently amended): The method according to claim 31, further comprising 
th e step of encrypting at least one component of the response information. 

37. (original): The method according to claim 31, wherein the document 
identifier is randomly generated. 

38. canceled. 



